On the use of OWL Reasoning for Evaluating Access Control Policies
نویسندگان
چکیده
We present a Description Logics approach to the management of XACML policies. We explain how policies can be mapped to a DL axiomatization, and how authorization requests can be answered using standard DL reasoning tools. Our model represents a valid substratum for managing policies whose expressivity can not be captured by standard engines. Furthermore, advanced security functionalities, as Policy Harmonization and Policy Explanation, can be implemented in the context of the present model.
منابع مشابه
An automatic test case generator for evaluating implementation of access control policies
One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods which are faster and more relia...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملDesign and Application of Rule Based Access Control Policies
Access control is an important issue among the security problems of resources in distributed systems. In order to enable entities in distributed systems to understand and interpret policies correctly, common concern is drawn to the problem of expressing access control policies with semantic information. In this paper, we introduce how to express access control policies based on OWL and SWRL. It...
متن کاملIdeas for Extending the Approach to Evaluating Health in All Policies in South Australia; Comment on “Developing a Framework for a Program Theory-Based Approach to Evaluating Policy Processes and Outcomes: Health in All Policies in South Australia”
Since 2008, the government of South Australia has been using a Health in All Policies (HiAP) approach to achieve their strategic plan (South Australia Strategic Plan of 2004). In this commentary, we summarize some of the strengths and contributions of the innovative evaluation framework that was developed by an embedded team of academic researchers. To inform how the use of HiAP is evaluated mo...
متن کاملUsing OWL Design Patterns for Modeling and Reasoning with Organizational Policies
Organizations use policies to manage business cases effectively and efficiently. However, when they start defining their policies, they are often incomplete. In order to enact the incomplete set of policies they define a default policy that is used for cases that do not match the initial policy set. Since matching a business case to a set of policies is a classification problem, we suggest that...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2015